CVE-2020-6420: 
Google Chrome vulnerability analysis and mitigation

Insufficient policy enforcement in media in Google Chrome prior to version 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page. The vulnerability was assigned CVE-2020-6420 and was discovered on February 11, 2020 (Chrome Blog).

The vulnerability received a CVSS v3.1 base score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability is network exploitable, requires low attack complexity, needs no privileges, but does require user interaction. The potential impact is high across confidentiality, integrity, and availability (NVD).

The vulnerability could allow an attacker to bypass the same origin policy, which is a critical security control in web browsers. This bypass could potentially lead to unauthorized access to sensitive data across different origins, compromising the fundamental security boundaries between web applications (NVD).

The vulnerability was patched in Chrome version 80.0.3987.132. Users and administrators should update to this version or later to mitigate the risk. The fix was released as part of a larger security update that addressed multiple vulnerabilities (Chrome Blog).